Robust Coordination of Cloud-Internal Denial of Service Attacks

Suaad Alarifi, Stephen D. Wolthusen

Research output: Chapter in Book/Report/Conference proceedingConference contribution


In an Infrastructure as a Service (IaaS) cloud environment, workloads change dynamically with limited insight by service providers into the precise characteristics of client workloads. At the same time, service providers must seek to honour service level agreements (SLA) regarding performance and availability. In this paper we describe and analyse a class of attacks that may target other workloads or the ability of a service provider to satisfy SLA requirements by launching tightly coordinated attack or attack sequence. The attack seeks to utilise resource over-commitment and the cost of migration and related secondary effects such as power management rather than relying on implementation-specific weaknesses that could be mitigated more easily. The effectiveness of the attack depends on the ability to co-locate and precisely modulate workloads of virtual machines (VMs) on a single host. We describe a novel coordination protocol relying on broadcast primitives in memory-based covert channels for dynamic attack group membership and attack initiation based on a broadcast variant of the Jarecki-Kim-Tsudik (JKT) protocol. This protocol requires very limited channel capacity and has O(n + T) message complexity whilst tolerating up to T failures, increasing the difficulty of detection and mitigation.
Original languageEnglish
Title of host publicationProceedings of the 2013 Third International Conference on Cloud and Green Computing (CGC)
PublisherIEEE Computer Society Press
Publication statusPublished - 2013

Cite this